We use cookies to customise content for your subscription and for analytics.If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.

The CNIL published today a press release where it indicates that prior filings for transfers of data outside the EU will be facilitated for companies that have adopted Binding Corporate Rules (BCRs) for intragroup transfers of personal data:

Indeed, transfers of data outside the EU being subject to the prior authorization of the CNIL, the CNIL specifies that it will deliver to each group that has adopted BCRs, a “Single Authorization” relating to transfers of data outside the EU. Such “Single Authorization” will thus be a global authorization for transfers of data outside the EU and the entities of the group will no longer need to apply to the CNIL for each transfer of data from France outside the EU. To that end, companies that have adopted BCRs will be contacted by the CNIL's services within the next weeks in order to define the content of their respective “Single Authorizations”.

The CNIL’s initiative is a significant step forward for the simplification of international data transfers which aims at encouraging companies to adopt BCRs relating to the protection of personal data within companies.

Related topic hubs

Compare jurisdictions: Data Security & Cybercrime

"Generally, this service is wonderful. I find that the employment law newsfeeds are extremely helpful and relevant. The quality of the articles is usually quite good. The website provides an avenue for quick research regarding various employment law issues."